History / Status

COMPLETE

Introduction

First things first. If you are a novice at linux I recommend that you should get help with setting this up. This is an advanced email server configuration. This configuration will allow you to serve multiple domains on one server. You will get the following features:

Books You May Find Helpful

Installing CentOS

Start with my HOWTO: CentOS 5.x base server. That howto will get CentOS installed and ready for this howto. Please note, if you don't follow that howto then you won't get the correct version of postfix. I have Postfix with mysql support in my repo.

NOTE: Don't forget to remove /usr/lib/postfixadmin/setup.php. Postfixadmin will complain until you do.

Configuring Postfix

Here we go with more config files. You'll have to be sure to change some settings to match your host. The config files will have sections commented out. Don't worry about it. These sections are for spam/virus/sympa configuration. Just copy and past to create the config files. What ever you see here replaces what already exists.

Notes About Security And Clear Text Passwords

My howto has been written to use clear text passwords. This can and does cause security problems. There are 2 issues at hand: Database security and sending of clear text passwords through the internet.

Lets start with database security. With my configuration passwords are stored in clear text in the database. As long as the database is kept secure passwords in the clear won't cause a problem. If you want the passwords encrypted then all the software must be configured for it.

Now for the problem of clear text passwords over the internet. If you use SSL/TLS then the passwords are encrypted in the SSL connection. POPS, IMAPS and SMTPS all use SSL/TLS connection. So as long as your client supports secure connections to the mail server your clear text passwords will be secure.

First of all I would like to thank you for providing this how-to. This is perhaps the most complete guide I could find. I followed most of the configuration/setup in this tutorial and was able to setup a production mail server. However, I am having problems enforcing quotas for all virtual users. By any chance, were you able to configure quotas for virtual users in addition to this guide? I looked at your guide for centos6 but it seems a lot has changed and I am afraid to break my production server if I tweak things directly.

Wow this page is a lifesaver. All the other guides about how to set up a mail system bombard you with 10 different options (which all do the same thing) for each step. Choose 1 wrong option and nothing works. This guide just says "Hey... Set it up this way and it will work." Many settings have changed since this was written but most are obvious, just checking maillog after trying to connect can tell you what's wrong in most cases. The biggest problems are with Dovecot. First of all you need to yum install dovecot-mysql in addition to dovecot, because mysql support has been separated out. Also, the dovecot.conf syntax has totally changed and should now look like this:

Forgot to mention another small error I had hit with dovecot when following this guide.

If when starting dovecot service you get:
>service dovecot start
Starting Dovecot Imap: If you have trouble with authentication failures,
enable auth_debug setting. See http://wiki.dovecot.org/WhyDoesItNotWork
This message goes away after the first successful login.
Error: socket() failed: Address family not supported by protocol
Fatal: listen(::, 993) failed: Address family not supported by protocol
[FAILED]

You need to add 'listen = *' in your dovecot.conf file. That should fix that issue.

I saw this issue listed in a previous comment a while back, but no solution ever posted. If you are getting permission denied on the smtpd.pem file when starting dovecot, check if SELinux is still running. I was receiving the following error:
> service dovecot start
Starting Dovecot Imap: Error: ssl_cert_file: Can't use /etc/postfix/ssl/smtpd.pem: Permission denied
Fatal: Invalid configuration in /etc/dovecot.conf

[FAILED]

Check selinux with command 'sestatus'. If current mode says enforcing, try command "setenforce 0" and then try start dovecot. If it does, you need to update selinux policy (don't ask me!) or make sure selinux is disabled (my solution). To disable SELinux after a reboot make sure to edit /etc/selinux/config and change ENFORCING to DISABLED. My mistake was I set the conf file to disable SELinux and assumed it was off when it was still active since I hadn't rebooted. I usually do at during my server builds to update the kernel, but this particular build I couldn't. 'setenforce 0' fixed the issue to change the current selinux mode.

Another small error with the guide. 'default_mail_env' in dovecot.conf is now 'mail_location' in later versions Not sure which version, but mine threw an error at that one.

this a great tutorial but i think they have a problem.
When i send a mail to test@pornshop.ca postfix create a mailbox /home/vmail/test@pornshop.ca or dovecot search the mail in /home/vmail/pornshop.ca/test

All around, this is a great tutorial. As another commenter pointed out, though, you must pay careful attention to the Postfix and Dovecot config files. I got tripped up because I did not assign the correct uid and gid (in main.cf, dovecot.conf, and dovecot-mysql.conf), as well as several permissions issues on random files and directories.
System: CentOS 5.4, Postfix 2.4, Webmin 1.5, Squirrelmail 1.4.8, MySQL 5.1.43, Dovecot 1.0.7.
For the record, though, this is my first server setup ever, as well as my first mail server, so I can attest to the fact that this will work for a beginner (with substantial effort).
Now I have to work the kinks out of the dovecot configuration...

i have followed the above and it seems to be accepting email for the domains i setup but when i log in as a user there is no email there despite me sending email from my gmail account, i dont get non delivery reports either. please help